Re: Problems applying godaddy SSL certificate to WSS 3.0 website for external access

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

The only issue I see is that for the new site, based on the previous responses
but if its the same FQDN.com for all...the cert should work

externally its https://FQDN.com:5050 but internally its http://servername:8084 (WSS3.0) and this works

I think the ports have to match...someone else may know better

--
Cris Hanna [SBS-MVP]
-------------------------------------------------
Microsoft MVPs
Independent Experts (MVPs do not work for MS)
Real World Answers
---------------------------------------------------------
Please do not contact me directly regarding issues

"AllenM" <noreply@xxxxxxxxxxx> wrote in message news:OGpVbTgtIHA.2188@xxxxxxxxxxxxxxxxxxxxxxx
thanks Chris. This may be the answer because accordning to godaddy they say they can view my certificate using Open SSL and it shows I'm still using the self signed key even though I removed all keys from within MMC/Certificates. So I will try this. But before I do can I ask one more time if you think this godaddy certificate will work on

https://FQDN.com/exchange
https://FQDN.com/remote and
https://FQDN.com/:444

as well as working on

https://FQDN.com:5050

As of now everything works externally except the above and internally everything works including internal access to WSS 3.0 at http://servername:8084

"Cris Hanna [SBS-MVP]" <crisnospamhanna@xxxxxxxxxxxxxxxxxxxxx> wrote in message news:uxL%23UPgtIHA.3792@xxxxxxxxxxxxxxxxxxxxxxx
If you are wanting to use the godaddy cert for all sites
You need to re-run the CEICW and there you will get the option to use your go daddy cert, rather than the self signed cert

--
Cris Hanna [SBS-MVP]
-------------------------------------------------
Microsoft MVPs
Independent Experts (MVPs do not work for MS)
Real World Answers
---------------------------------------------------------
Please do not contact me directly regarding issues

"AllenM" <noreply@xxxxxxxxxxx> wrote in message news:ucc6OGgtIHA.5500@xxxxxxxxxxxxxxxxxxxxxxx
Here is my current environment:
SBS 2003 SP1
ISA 2004 SP2
MS Exch SP2

I've got all my sharepoint services websites published for external access
and all work fine. I have a registered FQDN pointing to my external IP so
that I can use to access my SSL site using the below listed links.

https://FQDN.com/exchange
https://FQDN.com/remote and
https://FQDN.com/:444


These all work just fine and dandy. I used a self signed certificate that I
generated within SBS and this works fine. You get the website error when you
first go to one of the above listed websites but once you install it the
next time and there after everything is fine.

Recently I installed WSS 3.0 in a side by side install as recommended by MS.
I went to godaddy and requested a web certificate. Got a great deal. 5 years
for like 14.99 a year. Anyways I went through the whole process and created
my CSR in IIS and sent it to godaddy.

Now here is where I think the problem exists. When creating the CSR to
submit to godaddy for my SSL I used the same "COMMON NAME" that is used for
the above websites. I thought this was ok because it was using a different
SSL port. So when I try to go the the WSS 3.0 website externally I get the
following.......

https://FQDN.com:5050 I get a page not found error. The error code is

Error Code: 500 Internal Server Error. The target principla name is
incorrect.

Well after doing some researching and speaking with godaddy TS I was told
that my SSL certificate from them still shows I'm using a self signed key as
opposed to the private key issued to me by godaddy. They use the tool Open
SSL to view the certificate being used.

So I thought about it and discovered it has to be because my other SSL
websites are using the self signed SSL certificate generated within SBS with
the same name. So they suggested I get rid of thse self signed keys and
rekey another one for reissue. I went into the MMC/Certificates and under
the Personal Certificates removed all gomajaro self signed certificates as
well as the new godaddy one. I created a new CSR and rekeyed my web
certificate and resubmitted using the same name as the common name. Applied
to the WSS 3.0 website and made the apprpriate changes in ISA. Still get the
same error messages.
I can still access my old ssl websites

I can access internally http://companyweb (WSS2.0) as well as
http://servername:8084 (WSS3.0)

Now from the outside when I go the any one of the above ssl websites and
view the certificate is shows publishing.domainname.local

Where am I going wrong and what do I need to do. thanks for the assistance
once again.
Allen

Relevant Pages